Akamai Guardicore

Dashboard Widgets

General (General overview of the system)

USP Compliance (The number of rules with violations, according to their severity level)

Cleanup (Summary of the number of rules that are disabled, and, from 5.2, rules that have not been hit in the past year or are highly permissive)

Browsers

Rule Viewer (see Rule Viewer)

USP Viewer (see USP Viewer)

USP Alert Manager Viewer (see USP Alerts Manager)

USP Exceptions Viewer (see USP Exceptions)

Device Viewer (see Device Viewer)

(From 5.2) Topology
Select assets in Path Analysis Query
Path Analysis

Visibility and search in Rule Viewer

  • In TOS, Guardicore labels display as tags.

  • For rules with tags, the Rule Viewer displays the tag value. Hovering over the tag shows the tag key, the tag value, and, starting from TOS 5.2, the assets associated with the tag.

  • The Rule Viewer supports Guardicore-specific TQL fields.

    • destination.tag, source.tag

    • (from 5.2) source.assetTag and destination.assetTag

    These fields require key:value pairs within single quotes.

    For example: destination.tag=('application:tufin')

    See TQL and TQL fields for Rule Viewer.

  • In Rule Viewer, the Last Hit field shows the last hit date that is displayed in the Guardicore device. From Rule Viewer, search timeLastHit to identify unused rules, You can also search object.timeLastHit and object.notHit to identify unused objects within rules. For details, see TQL queries in the Rule Viewer.

Asset types

Tags apply to workload assets or endpoint assets.

Tag expressions and tag groups

  • A tag expression is a single key-value pair, or multiple comma-separated key-value pairs.

  • A tag group is a set of one or more tag expressions.

  • AND and OR relationships in tag expressions and tag groups

    • Within a tag expression, multiple tags (same line) have an AND relationship, represented in TOSby commas.

    • Multiple tag expressions on different lines have an OR relationship between them.

Compliance support for tag-based policies

Adding Guardicore tags to zones allows you to use tag-based zones in Unified Security Policies (USPs). This enables compliance management and validation for Guardicore microsegmentation policies that use Guardicore tags and networks in zone definitions.

See adding tags to zones.

(From 5.2) Topology

The following table displays which assets are shown when performing a path analysis query.

Path analysis query Microsegmentation Check Selected? Where?
Managed Asset/s → Managed Asset/s Yes Source + Destination
Managed Asset → Unmanaged Asset Yes Source only
IP (managed) → IP (non-managed asset) Yes Source only
Host object/s (managed) → Host object/s (non-managed) Yes Source only
Managed Asset → Subnet / Range / ANY Source only Source only
Subnet / Range → Managed Asset Destination only Destination only
Managed Asset → IP (non existing as any asset) Source only Source only
Unmanaged Asset → Subnet/Non managed IP No Not shown
Subnet → Subnet No Not shown
IP (non managed) → IP (non-managed) No Not shown
Unmanaged Asset → Unmanaged Asset No Not shown